Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Who should be in charge of designing the database – team members, who understand

ID: 3818991 • Letter: W

Question

Who should be in charge of designing the database – team members, who understand the application requirements, or a database design expert, who may not understand the problem domain issues but does understand good database design? How can the team verify that the solution is correct and, more difficult, that it is efficient? Another interesting combination of both database and integrity is how to design and implement so that the database is secure from injection attacks? What kind of encryption should be used within the database? What data needs to be secure?

Explanation / Answer

I prefer a database design expert should be in charge of designing the database. A design expert may sometimes, with his experience can understand the application requirements and domain issues but the team members who work on the application can never design the perfect encrypted database. To design a database and secure it, an expert is required. so I prefer a database design expert.

Well, we can never say a database or a system is 100% secured from injections or attacks, but we can prevent most of them by following some of the precautions:

1. Always using stored Procedures which required permissions while using the database from the application level.

2. Avoiding Dynamic SQL where ever it is possible.

3. Always follow the strategy of least privileges. To any account which uses the database, giving limited access where the account can retrieve only on the information it requires help to keep the database secured.

4. Always trying to find the vulnerabilities by testing the database.

5. Upgrading and updating to the latest versions and patches released by the company(software).

Database Encryption:

This helps in generally protecting the data either implementing it outside or inside the database.

User/Data encryption is the process that is in general carried out. Encryption of specific columns or tables or data elements with in the database is done in this process.It is called as user encryption because the objects or data types that are encrypted are done on "per-user" basis. Tokenization, which helps in data security also is implemented. The main objective is to provide protection against disclosure of data and enforcing separation of duties on authorized users of the database. It helps to reduce overall performance impacts by encrypting only highly sensitive data by minimizing code and database changes. Overall, encryption techniques always depend on the Key Management and how applications use the database.

An example use case for this model is encrypting credit card numbers within a database.

Related Questions

Who can solve this complicated MATLAB problem? & Please provide a clear answer b
Question #3704160
Who commanded all Union forces when the Civil War began? A) General George B. Mc
Question #3461305
Who constructed the first genetic map based of the fruit fly X chromosome based
Question #173616
Who constructed the first genetic map based of the fruit fly X chromosome based
Question #225279
Who could help me do these two sample reports for the OLAP Describe two sample r
Question #3824785
Who developed the Army Alpha and Beta IQ test? A. Binet B. H.H. Goddard C. L. M.
Question #86170
Who developed the DNA typing known as RFLP? Who developed the DNA typing known a
Question #1026363
Who did propose the first important theory of evolution? Darwin Lamarck Malthus
Question #167894

Navigate

Previous
Who should be in charge of designing the database – team members, who understand
Next
Who should provide aid (such as housing) to people who have been devastated by a

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.